4.4 Enabling LDAP and Active Directory Authentication

Oracle VM Manager is an application that runs on Oracle WebLogic Server. For this reason, Oracle VM Manager supports any authentication provider that Oracle WebLogic Server supports.

To configure Oracle VM Manager to authenticate against an LDAP or Active Directory service, you must add the directory service as an authentication provider in Oracle WebLogic Server, as follows:

Note

The Oracle VM Manager upgrade process does not save and restore any configurations you create for external authentication providers. If you enable LDAP or Active Directory authentication and then upgrade Oracle VM Manager, you must complete the following steps after the upgrade to re-enable authentication.

  1. Open the Oracle WebLogic Server Administration Console at:

    https://hostname:7002/console

    Where hostname is the Oracle VM Manager hostname or IP address.

  2. Log in as the weblogic user.

  3. Click Lock & Edit to modify the domain.

  4. From the Domain Structure pane, select Security Realms, and then select myrealm.

    The settings page for the security realm displays.

  5. Select the Providers tab and locate the Authentication Providers table.

  6. Click New to create an authentication provider.

  7. Specify a name for the authentication provider, select LDAPAuthenticator as the type of authentication provider, and then click OK.

    The new authentication provider displays in the Authentication Providers table.

  8. Change the authentication sequence so that the LDAP authentication provider takes priority over other authentication providers.

    1. Click Reorder from the Authentication Providers table.

    2. Move the LDAP authentication provider to the top of the list and then click OK.

  9. Select the LDAP authentication provider you created from the Authentication Providers table.

    The settings page displays.

  10. On the Common tab, select SUFFICIENT as the value for Control Flag and then click Save.

  11. Select the Provider Specific tab, configure the authentication provider as appropriate, and then click Save.

  12. Click Activate Changes to apply your changes.

  13. Restart the Oracle VM Manager service as root:

    # service ovmm restart
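Steps 8 and 10 matter because WebLogic evaluates the authentication providers in table order using JAAS control-flag semantics. The following is an added example, not part of the Oracle documentation, that models this evaluation. It assumes the built-in DefaultAuthenticator stays in the realm with control flag REQUIRED; the provider name OVM-LDAP and the credential outcomes are constructed for illustration.

```python
# Model of JAAS control-flag evaluation over an ordered provider chain.
# Assumptions: "OVM-LDAP" is a hypothetical provider name, and the
# DefaultAuthenticator is assumed to remain in the realm as REQUIRED.

def authenticate(chain, outcomes):
    """Return True if the overall login succeeds.

    chain    -- ordered list of (provider_name, control_flag)
    outcomes -- dict: provider_name -> True if it accepts the credentials
    """
    has_required = any(f in ("REQUIRED", "REQUISITE") for _, f in chain)
    required_failed = False
    any_success = False
    for name, flag in chain:
        ok = outcomes.get(name, False)
        any_success = any_success or ok
        if flag == "REQUISITE" and not ok:
            return False                  # failure ends the chain at once
        if flag == "REQUIRED" and not ok:
            required_failed = True        # remembered; the chain continues
        if flag == "SUFFICIENT" and ok:
            return not required_failed    # success ends the chain at once
    if required_failed:
        return False
    # With no REQUIRED/REQUISITE provider, at least one provider must succeed.
    return True if has_required else any_success

# Constructed outcomes: which provider would accept each kind of login.
USERS = {
    "directory user": {"OVM-LDAP": True, "DefaultAuthenticator": False},
    "local weblogic": {"OVM-LDAP": False, "DefaultAuthenticator": True},
    "unknown user": {"OVM-LDAP": False, "DefaultAuthenticator": False},
}

CHAINS = {
    # Result of steps 8 and 10: LDAP first and SUFFICIENT.
    "as documented": [("OVM-LDAP", "SUFFICIENT"), ("DefaultAuthenticator", "REQUIRED")],
    # Step 8 skipped: LDAP is SUFFICIENT but evaluated after the REQUIRED provider.
    "not reordered": [("DefaultAuthenticator", "REQUIRED"), ("OVM-LDAP", "SUFFICIENT")],
    # Step 10 skipped, with the LDAP provider at OPTIONAL instead of SUFFICIENT.
    "flag not set": [("OVM-LDAP", "OPTIONAL"), ("DefaultAuthenticator", "REQUIRED")],
}

def report():
    """Map each chain label to {user kind: login result}."""
    return {label: {who: authenticate(chain, o) for who, o in USERS.items()}
            for label, chain in CHAINS.items()}

if __name__ == "__main__":
    for label, row in report().items():
        print(f"{label:14} {row}")
```

Only the documented chain lets directory users in. In every chain the local weblogic account remains a working login path, so its password still needs the same protection after LDAP is enabled.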

Verify that the LDAP authenticator is configured and that the LDAP users and groups are populated in Oracle WebLogic Server, as follows:

  1. Log in to the Oracle WebLogic Server Administration Console.

  2. From the Domain Structure pane, select Security Realms, and then select myrealm.

  3. Select the Users and Groups tab.

  4. Verify that the LDAP users and groups are populated as appropriate.